Stuttering computer

Jonjo
Visitor
Posts: 20
Registered: 19 Oct 2006 15:51

#1 Post by Jonjo »

Hello, my computer runs terribly slowly, video and audio stutter a lot, and the RAM indicator light keeps blinking even when I'm not working on the computer. Could you please check my log? Thank you.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Honza at 2010-01-19 14:00:00
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 1 GB (2%) free of 54 GB
Total RAM: 1022 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:00:31, on 19.1.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Mouse Driver\KMWDSrv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yaho's Miranda IM\miranda32.exe
C:\Program Files\Mouse Driver\StartAutorun.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Mouse Driver\KMConfig.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Mouse Driver\KMProcess.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE
C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\Honza\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
J:\PC\RSIT.exe
C:\Program Files\trend micro\Honza.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.icq.com/start
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Honza\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EPSON SX100 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE /FU "C:\WINDOWS\TEMP\E_S3BCF.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [OEXPRESS] C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c97b5b71264586) (gupdate1c97b5b71264586) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

--
End of file - 17432 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-437514146-2928971401-383597723-1005Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-437514146-2928971401-383597723-1005UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll [2009-11-29 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-03-09 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-08-09 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-02-22 106496]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll [2009-11-29 520192]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-03-23 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-03-23 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-03-23 118784]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"LaunchApp"=Alaunch []
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-12-21 53248]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-03 761946]
"ADMTray.exe"=C:\Acer\Empowering Technology\admtray.exe [2005-10-24 2462208]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2005-12-27 69632]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-07-19 7581696]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-07-19 86016]
"ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-08-10 352256]
"Acer ePower Management"=C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe [2006-05-22 3080704]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-07-20 593920]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2006-01-24 397312]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2006-06-23 225280]
"LogitechCameraAssistant"=C:\Program Files\Acer\OrbiCam\CameraAssistant.exe [2006-06-26 331776]
"LogitechVideo[inspector]"=C:\Program Files\Acer\OrbiCam\InstallHelper.exe [2006-06-26 73728]
"LogitechCameraService(E)"=C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-08-11 249856]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2006-11-24 487424]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe [2003-05-16 188416]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"KMCONFIG"=C:\Program Files\Mouse Driver\StartAutorun.exe [2008-05-30 212992]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe [2007-03-09 63712]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-02-06 2021400]
"DrvIcon"=C:\Program Files\Vista Drive Icon\DrvIcon.exe []
"USB2Check"=C:\WINDOWS\system32\PCLECoInst.dll [2007-02-20 81920]
"USBToolTip"=C:\Program Files\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe [2006-10-16 202312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-10 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-09-20 202024]
"Google Update"=C:\Documents and Settings\Honza\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-02 133104]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-09 39408]
"AdobeBridge"= []
"EPSON SX100 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE [2008-02-05 188928]
"OEXPRESS"=C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE [2009-11-29 26624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-08-11 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC}
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium Beta"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter"
"D:\Counter-Strike Source\hl2.exe"="D:\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"C:\WINDOWS\System32\PnkBstrA.exe"="C:\WINDOWS\System32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\System32\PnkBstrB.exe"="C:\WINDOWS\System32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"D:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat"="D:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"C:\Program Files\ASUS\WL-520GC Wireless Router Utilities\Discovery.exe"="C:\Program Files\ASUS\WL-520GC Wireless Router Utilities\Discovery.exe:*:Enabled:ASUS Device Discovery Application"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\WINDOWS\System32\dpvsetup.exe"="C:\WINDOWS\System32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"D:\Program Files\KONAMI\PES 2009\pes2009.exe"="D:\Program Files\KONAMI\PES 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"C:\Documents and Settings\Honza\Application Data\Facebook\facebook.exe"="C:\Documents and Settings\Honza\Application Data\Facebook\facebook.exe:127.0.0.1/255.255.255.255:Enabled:Facebook"
"D:\Program Files\Electronic Arts\Red Alert 3\Data\ra3_1.0.game"="D:\Program Files\Electronic Arts\Red Alert 3\Data\ra3_1.0.game:*:Enabled:Command & Conquer™ Red Alert™ 3"
"C:\Program Files\QIP Infium\inf.exe"="C:\Program Files\QIP Infium\inf.exe:*:Enabled:QIP Infium"
"C:\Program Files\Rapid PHP 2008\rapidphp.exe"="C:\Program Files\Rapid PHP 2008\rapidphp.exe:*:Enabled:Rapid PHP 2008"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"D:\Program Files\Sony\Vegas Pro 8.0\VegSrv80.exe"="D:\Program Files\Sony\Vegas Pro 8.0\VegSrv80.exe:*:Enabled:Sony Vegas Network Render Service Control"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\IndustryGiant 2\ig2.exe"="C:\Program Files\IndustryGiant 2\ig2.exe:*:Enabled:IndustryGiant 2"
"F:\HRY\Worms Armageddon\wormsarm\WA.exe"="F:\HRY\Worms Armageddon\wormsarm\WA.exe:*:Enabled:Worms Armageddon"
"C:\Program Files\Codemasters\Colin McRae Rally 2005\CMR5.EXE"="C:\Program Files\Codemasters\Colin McRae Rally 2005\CMR5.EXE:*:Enabled:Colin McRae Rally 2005 Application"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"D:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe"="D:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Program Files\Yaho's Miranda IM\miranda32.exe"="C:\Program Files\Yaho's Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Pinnacle\Studio 10\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Program Files\Pinnacle\Studio 10\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi"
"D:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="D:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"D:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="D:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"D:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="D:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\FileZilla\FileZilla.exe"="C:\Program Files\FileZilla\FileZilla.exe:*:Enabled:FileZilla"
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{adaf60fe-cd69-11de-a80e-0016d45babdc}]
shell\AutoOpen\command - .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe


======File associations======

.js - open - "C:\Program Files\Adobe Dreamweaver CS3\DreamweaverPortable\App\Dreamweaver\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 months======

2010-01-19 13:59:31 ----D---- C:\Program Files\CCleaner
2010-01-15 20:02:02 ----A---- C:\WINDOWS\system32\ptpusb.dll
2010-01-15 20:02:01 ----A---- C:\WINDOWS\system32\ptpusd.dll
2010-01-15 18:21:27 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2010-01-15 18:20:51 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2010-01-15 14:51:46 ----A---- C:\WINDOWS\system32\WdfCoInstaller01007.dll
2010-01-13 03:08:06 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 03:07:34 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-09 16:20:49 ----D---- C:\Program Files\FilmManager
2010-01-02 22:38:31 ----D---- C:\Documents and Settings\Honza\Application Data\Thunderbird
2010-01-02 22:37:38 ----D---- C:\Program Files\Mozilla Thunderbird

======List of files/folders modified in the last 1 months======

2010-01-19 14:00:15 ----D---- C:\Program Files\trend micro
2010-01-19 14:00:02 ----D---- C:\WINDOWS\Temp
2010-01-19 13:59:31 ----RD---- C:\Program Files
2010-01-19 13:50:59 ----D---- C:\Program Files\Mozilla Firefox
2010-01-19 13:48:22 ----A---- C:\WINDOWS\system32\eRLog.ini
2010-01-19 13:45:43 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2010-01-19 13:44:18 ----AD---- C:\WINDOWS
2010-01-19 13:44:17 ----AD---- C:\WINDOWS\system32
2010-01-19 13:42:53 ----D---- C:\WINDOWS\Prefetch
2010-01-19 13:42:16 ----SD---- C:\WINDOWS\Tasks
2010-01-19 13:38:20 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-19 13:36:55 ----D---- C:\Documents and Settings\Honza\Application Data\uTorrent
2010-01-19 13:29:32 ----A---- C:\WINDOWS\ModemLog_Sony Ericsson Device 069 USB WMC Data Modem.txt
2010-01-19 13:29:31 ----A---- C:\WINDOWS\ModemLog_Sony Ericsson Device 069 USB WMC Modem.txt
2010-01-19 13:07:37 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-18 00:11:11 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-17 20:22:39 ----D---- C:\WINDOWS\Registration
2010-01-15 18:21:55 ----AD---- C:\WINDOWS\system32\drivers
2010-01-15 18:21:50 ----HD---- C:\WINDOWS\inf
2010-01-15 14:51:52 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-01-15 14:49:47 ----D---- C:\Program Files\Sony Ericsson
2010-01-14 10:37:16 ----D---- C:\Program Files\ESET
2010-01-13 18:30:46 ----A---- C:\WINDOWS\Codec Pack - All In 1 Setup Log.txt
2010-01-13 03:26:35 ----D---- C:\WINDOWS\AppPatch
2010-01-13 03:09:37 ----SHD---- C:\WINDOWS\Installer
2010-01-13 03:09:25 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-01-13 03:08:18 ----A---- C:\WINDOWS\imsins.BAK
2010-01-13 03:08:10 ----RSHD---- C:\WINDOWS\system32\dllcache
2010-01-13 03:08:05 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-06 19:33:27 ----A---- C:\Documents and Settings\Honza\Application Data\AutoGK.ini
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-02 22:39:16 ----SD---- C:\Documents and Settings\Honza\Application Data\Microsoft
2009-12-29 16:18:00 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2009-12-26 22:36:21 ----D---- C:\WINDOWS\system32\FxsTmp
2009-12-25 09:54:11 ----A---- C:\WINDOWS\Graffiti5.2Pin.ini
2009-12-25 09:52:23 ----D---- C:\Program Files\Boris FX, Inc
2009-12-20 04:30:10 ----D---- C:\Program Files\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-02-06 93336]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-10 36096]
R1 OsaFsLoc;OsaFsLoc; \??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys []
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 StyleXPHelper;StyleXPHelper; \??\C:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-03-09 21275]
R2 DefragFS;DefragFS; C:\WINDOWS\system32\DRIVERS\DefragFS.sys [2008-01-09 68624]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []
R2 osanbm;osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys []
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-10-31 45312]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2006-06-16 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2006-06-16 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2006-06-16 74752]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-10 9600]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-10-18 998656]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-10-24 218496]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 KMWDFilter;KMWDFilter; \??\C:\WINDOWS\System32\Drivers\KMWDFilter.SYS []
R3 lv321av;Logitech USB PC Camera (VC0321); C:\WINDOWS\system32\DRIVERS\lv321av.sys [2006-06-19 1097728]
R3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []
R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2006-06-19 39424]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NdisFilt;OSA NdisFilter Protocol; C:\WINDOWS\System32\Drivers\NdisFilt.sys [2005-09-13 4392]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-09-02 6144]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-07-20 3685152]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-10 67584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 192672]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-04-19 30080]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-10 57600]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-10 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-04-19 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-03 1429632]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-10-18 721280]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-10 14848]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-10 60800]
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912]
S3 awf6jtlf;awf6jtlf; C:\WINDOWS\system32\drivers\awf6jtlf.sys []
S3 Axtmvflt;Axesstel USB Filter Service; C:\WINDOWS\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
S3 Axtmvmdm;Axesstel USB Modem; C:\WINDOWS\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\WINDOWS\System32\Drivers\Axtmvprt.sys [2007-03-26 38784]
S3 BthEnum;Bluetooth Request Block Driver; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 catchme;catchme; \??\C:\DOCUME~1\Honza\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2008-02-09 223128]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2010-01-15 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2010-01-15 25512]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-02-09 25280]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-23 1166972]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NETMNT;Acer NetMonitor Protocol; C:\WINDOWS\system32\DRIVERS\NETMNT.sys [2005-05-02 9600]
S3 nhcAcpi_driver;Notebook Hardware Control ACPI Driver; \??\C:\WINDOWS\system32\drivers\nhcAcpi.sys []
S3 nhcNT_driver;Notebook Hardware Control NT Driver; \??\C:\WINDOWS\system32\drivers\nhcNT.sys []
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-10 61824]
S3 PinnacleMarvinAVS;Pinnacle AVStream Service for MovieBox Deluxe, 500-USB and 700-USB; C:\WINDOWS\system32\DRIVERS\MarvinAVS.sys [2007-05-09 434176]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 se45bus;Sony Ericsson Device 069 driver (WDM); C:\WINDOWS\system32\DRIVERS\se45bus.sys [2006-07-25 61536]
S3 se45mdfl;Sony Ericsson Device 069 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se45mdfl.sys [2006-11-30 9360]
S3 se45mdm;Sony Ericsson Device 069 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se45mdm.sys [2006-11-30 97088]
S3 se45mgmt;Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se45mgmt.sys [2006-11-30 88624]
S3 se45nd5;Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS); C:\WINDOWS\system32\DRIVERS\se45nd5.sys [2006-11-30 18704]
S3 se45obex;Sony Ericsson Device 069 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se45obex.sys [2006-11-30 86432]
S3 se45unic;Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM); C:\WINDOWS\system32\DRIVERS\se45unic.sys [2006-11-30 90800]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-10 11136]
S3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2005-10-31 46080]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-10 15360]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-10 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2009-10-29 95376]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288]
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2006-02-20 8336]
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2006-02-20 94064]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 zlportio;zlportio; \??\D:\Program Files\UltraStar Deluxe\zlportio.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2008-03-19 607576]
R2 AWService;AdminWorks Agent X6; C:\Acer\Empowering Technology\admServ.exe [2005-10-24 1314816]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-10 14336]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 ehRecvr;Služba přijímače aplikace Media Center; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Služba plánování aplikace Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2004-08-10 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Program Files\Mouse Driver\KMWDSrv.exe [2008-06-23 208896]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-05-18 49152]
R2 LVPrcSrv;Logitech Process Monitor; c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [2006-06-23 86016]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-19 143426]
R2 PD91Agent;PD91Agent; C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe [2008-01-16 664840]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
R2 StyleXPService;StyleXPService; C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe [2006-05-24 372736]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-10 14336]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-10 267776]
S2 gupdate1c97b5b71264586;Google Update Service (gupdate1c97b5b71264586); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-01-21 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-09 190448]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-02-06 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-07-07 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PD91Engine;PD91Engine; C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe [2008-01-16 894216]
S3 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-02-12 183112]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe -d -f C:\Program Files\WinPcap\rpcapd.ini []
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119381
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: stuttering computer

#2 Post by Rudy »

Post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator rights.

Right after launch, a screen with the license terms appears; continue by clicking the Ano (Yes) button.

Feel free to go and make yourself a coffee (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to launch any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is run).

Note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident component.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Jonjo
Visitor
Posts: 20
Registered: 19 Oct 2006 15:51

Re: stuttering computer

#3 Post by Jonjo »

ComboFix 10-01-18.03 - Honza 19.01.2010 19:29:17.2.2 - x86
Spuštěný z: c:\documents and settings\Honza\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Honza\Application Data\AD ON Multimedia
c:\documents and settings\Honza\Application Data\AD ON Multimedia\eBay Shortcuts\config.ini
c:\documents and settings\Honza\My Documents\cc_20100119_141543.reg
c:\windows\system32\kernel1.exe
c:\windows\system32\twain_32.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-19 do 2010-01-19 )))))))))))))))))))))))))))))))
.

2010-01-19 18:11 . 2010-01-19 18:10 388608 ----a-w- c:\windows\system32\CF5472.exe
2010-01-19 17:35 . 2005-10-31 17:17 135168 ----a-w- c:\windows\system32\RtlCPAPI.dll
2010-01-19 17:27 . 2005-05-03 17:43 69632 ----a-w- c:\windows\Alcmtr.exe
2010-01-19 14:49 . 2010-01-19 14:49 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-01-19 13:22 . 2010-01-19 13:36 -------- d-----w- c:\documents and settings\Honza\Application Data\Uniblue
2010-01-19 13:22 . 2010-01-19 17:53 -------- d-----w- c:\program files\Uniblue
2010-01-19 12:59 . 2010-01-19 12:59 -------- d-----w- c:\program files\CCleaner
2010-01-15 19:02 . 2001-08-17 21:36 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-01-15 19:02 . 2004-08-03 23:56 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-01-15 17:21 . 2008-03-21 12:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-01-15 13:51 . 2010-01-15 13:50 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2010-01-15 13:51 . 2010-01-15 13:50 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2010-01-15 13:51 . 2010-01-15 13:50 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2010-01-09 15:20 . 2010-01-10 17:35 -------- d-----w- c:\program files\FilmManager
2010-01-02 21:38 . 2010-01-02 21:39 -------- d-----w- c:\documents and settings\Honza\Local Settings\Application Data\Thunderbird
2010-01-02 21:38 . 2010-01-02 21:38 -------- d-----w- c:\documents and settings\Honza\Application Data\Thunderbird
2010-01-02 21:37 . 2010-01-19 15:26 -------- d-----w- c:\program files\Mozilla Thunderbird

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-19 17:27 . 2006-09-01 23:54 -------- d-----w- c:\program files\Realtek
2010-01-19 13:58 . 2008-09-06 09:36 -------- d-----w- c:\program files\Hewlett-Packard
2010-01-19 13:55 . 2009-01-20 23:01 -------- d-----w- c:\program files\Google
2010-01-19 13:45 . 2008-04-10 08:02 -------- d-----w- c:\program files\TweakNow RegCleaner Std
2010-01-19 13:45 . 2008-10-10 12:13 -------- d-----w- c:\program files\FDRLab
2010-01-19 13:44 . 2009-03-04 08:15 -------- d-----w- c:\program files\Rapid PHP 2008
2010-01-19 13:44 . 2009-12-13 18:44 -------- d-----w- c:\documents and settings\Honza\Application Data\proDAD
2010-01-19 13:39 . 2008-05-22 09:59 -------- d-----w- c:\documents and settings\Honza\Application Data\uTorrent
2010-01-19 13:35 . 2009-12-13 18:38 -------- d-----w- c:\program files\Boris FX, Inc
2010-01-19 13:32 . 2008-03-16 12:15 -------- d-----w- c:\program files\Sony Ericsson
2010-01-19 13:00 . 2009-06-23 13:29 -------- d-----w- c:\program files\trend micro
2010-01-17 19:26 . 2009-11-26 02:41 79488 ----a-w- c:\documents and settings\Honza\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-15 17:21 . 2010-01-15 17:21 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ggsemc_01007.Wdf
2010-01-15 17:21 . 2010-01-15 17:21 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-01-14 09:37 . 2008-03-09 18:12 -------- d-----w- c:\program files\ESET
2010-01-13 02:09 . 2008-03-09 18:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-01-12 20:09 . 2009-11-27 21:19 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2010-01-12 20:09 . 2009-11-27 21:19 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2009-12-29 15:18 . 2008-04-18 09:44 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-12-19 11:27 . 2008-04-30 15:12 -------- d-----w- c:\program files\DivX
2009-12-19 11:27 . 2006-09-01 23:54 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-18 14:29 . 2008-03-09 19:31 -------- d-----w- c:\program files\Winamp
2009-12-18 14:29 . 2009-12-18 14:29 -------- d-----w- c:\program files\Winamp Detect
2009-12-18 14:29 . 2009-09-07 19:51 -------- d-----w- c:\program files\Winamp Toolbar
2009-12-14 13:16 . 2009-12-09 18:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Ulead Systems
2009-12-13 18:58 . 2008-03-09 16:43 448600 ----a-w- c:\documents and settings\Honza\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-13 18:44 . 2009-12-13 18:44 -------- d-----w- c:\program files\proDAD
2009-12-13 18:44 . 2009-12-13 18:44 -------- d-----w- c:\program files\LooksBuilderSE
2009-12-13 18:34 . 2009-12-09 16:06 -------- d-----w- c:\program files\Pinnacle
2009-12-13 18:32 . 2009-12-13 18:32 29926 ----a-r- c:\documents and settings\Honza\Application Data\Microsoft\Installer\{5EB90C06-964F-4195-B83E-BD7E55C88415}\ARPPRODUCTICON.exe
2009-12-13 18:29 . 2009-12-13 18:29 -------- d-----w- c:\program files\Common Files\Pinnacle
2009-12-13 18:27 . 2009-12-13 18:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Pinnacle Studio Ultimate
2009-12-13 18:09 . 2009-12-13 18:09 -------- d-----w- c:\program files\Common Files\Yahoo!
2009-12-13 18:09 . 2009-12-13 18:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Studio 12
2009-12-13 18:09 . 2009-12-13 18:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Pinnacle Studio Plus
2009-12-10 17:24 . 2009-12-10 17:22 -------- d-----w- c:\program files\FileZilla
2009-12-10 06:52 . 2009-11-12 06:23 -------- d-----w- c:\documents and settings\Honza\Application Data\FileZilla
2009-12-09 18:34 . 2009-12-09 18:21 -------- d-----w- c:\documents and settings\Honza\Application Data\Ulead Systems
2009-12-09 18:18 . 2009-12-09 18:18 -------- d-----w- c:\program files\Common Files\InterVideo
2009-12-09 18:16 . 2009-12-09 18:16 -------- d-----w- c:\program files\Windows Media Components
2009-12-09 17:03 . 2009-12-09 16:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Pinnacle Studio
2009-12-09 17:03 . 2009-12-09 16:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Pinnacle
2009-11-29 21:47 . 2009-11-29 21:35 -------- d-----w- c:\documents and settings\Honza\Application Data\LangSoft
2009-11-29 21:42 . 2009-11-29 21:41 520192 ----a-w- c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
2009-11-29 21:42 . 2009-11-29 21:38 -------- d-----w- c:\documents and settings\All Users\Application Data\LangSoft
2009-11-29 21:42 . 2009-11-29 21:41 299008 ----a-w- c:\documents and settings\All Users\Application Data\LangSoft\TrnWord.dll
2009-11-29 21:42 . 2009-11-29 21:41 356352 ----a-w- c:\documents and settings\All Users\Application Data\LangSoft\TrnOutl.dll
2009-11-29 21:42 . 2009-11-29 21:42 45056 ----a-w- c:\documents and settings\All Users\Application Data\LangSoft\TRNOEH.DLL
2009-11-29 21:42 . 2009-11-29 21:42 26624 ----a-w- c:\documents and settings\All Users\Application Data\LangSoft\OETRN.EXE
2009-11-29 21:42 . 2009-11-29 21:42 200704 ----a-w- c:\documents and settings\All Users\Application Data\LangSoft\TRNOET.DLL
2009-11-29 08:22 . 2009-11-27 21:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Corel
2009-11-29 08:22 . 2009-11-29 08:22 -------- d-----w- c:\program files\Common Files\Protexis
2009-11-29 08:16 . 2009-11-29 08:16 -------- d-----w- c:\program files\Common Files\Corel
2009-11-29 08:07 . 2008-03-09 19:42 -------- d-----w- c:\program files\Corel
2009-11-27 21:19 . 2008-03-18 12:26 -------- d-----w- c:\documents and settings\Honza\Application Data\Corel
2009-11-27 21:19 . 2009-11-27 21:19 8 --sh--r- c:\documents and settings\All Users\Application Data\E9A24AA988.sys
2009-11-27 21:19 . 2009-11-27 21:19 8 --sh--r- c:\documents and settings\All Users\Application Data\E9A24AA988.sys
2009-11-24 16:06 . 2008-03-18 12:26 952 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-11-22 08:28 . 2009-11-22 08:26 -------- d-----w- c:\program files\Yaho's Miranda IM
2009-11-21 16:36 . 2004-08-10 18:00 470528 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-10-29 13:48 . 2009-11-04 11:42 95376 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2009-10-29 13:48 . 2009-11-04 11:41 41424 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2009-10-29 13:48 . 2009-11-04 11:42 116368 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2009-10-29 07:45 . 2006-01-09 18:02 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-24 13:37 . 2009-10-18 13:18 80896 ----a-w- c:\documents and settings\Honza\Application Data\Seven Zip\Codecs\LZMA.dll
2009-10-24 13:37 . 2009-10-18 13:18 5632 ----a-w- c:\documents and settings\Honza\Application Data\Seven Zip\Codecs\Swap.dll
2009-10-24 13:37 . 2009-10-18 13:18 5120 ----a-w- c:\documents and settings\Honza\Application Data\Seven Zip\Codecs\Copy.dll
2009-10-24 13:37 . 2009-10-18 13:18 18944 ----a-w- c:\documents and settings\Honza\Application Data\Seven Zip\Codecs\Branch.dll
2009-10-24 13:37 . 2009-10-18 13:18 129024 ----a-w- c:\documents and settings\Honza\Application Data\Seven Zip\Formats\7z.dll
2002-07-26 16:02 . 2009-12-13 18:31 153088 ----a-w- c:\program files\UNWISE.EXE
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024]
"OEXPRESS"="c:\documents and settings\All Users\Application Data\LangSoft\OETRN.EXE" [2009-11-29 26624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"ADMTray.exe"="c:\acer\Empowering Technology\admtray.exe" [2005-10-24 2462208]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 69632]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-19 7581696]
"nwiz"="nwiz.exe" [2006-07-20 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-19 86016]
"Acer ePower Management"="c:\acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-05-22 3080704]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-07-20 593920]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 397312]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2006-06-23 225280]
"LogitechCameraAssistant"="c:\program files\Acer\OrbiCam\CameraAssistant.exe" [2006-06-26 331776]
"LogitechVideo[inspector]"="c:\program files\Acer\OrbiCam\InstallHelper.exe" [2006-06-26 13:55 73728]
"LogitechCameraService(E)"="c:\windows\system32\ElkCtrl.exe" [2004-11-01 262144]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-23 487424]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"KMCONFIG"="c:\program files\Mouse Driver\StartAutorun.exe" [2008-05-29 212992]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"USB2Check"="c:\windows\system32\PCLECoInst.dll" [2007-02-20 81920]
"USBToolTip"="c:\program files\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe" [2006-10-16 202312]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-08-10 352256]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 16248320]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *\0lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\QIP Infium\\infium.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
"d:\\Counter-Strike Source\\hl2.exe"=
"c:\\WINDOWS\\System32\\PnkBstrA.exe"=
"c:\\WINDOWS\\System32\\PnkBstrB.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"d:\\Program Files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\System32\\dpvsetup.exe"=
"d:\\Program Files\\Electronic Arts\\Red Alert 3\\Data\\ra3_1.0.game"=
"c:\\Program Files\\QIP Infium\\inf.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\IndustryGiant 2\\ig2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"d:\\Program Files\\KONAMI\\Pro Evolution Soccer 2010\\pes2010.exe"=
"c:\\Program Files\\Yaho's Miranda IM\\miranda32.exe"=
"d:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"d:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"d:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Program Files\\FileZilla\\FileZilla.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [6.2.2009 13:23 106208]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [6.2.2009 13:24 93336]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [6.2.2009 13:23 727720]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Mouse Driver\KMWDSrv.exe [23.6.2008 20:28 208896]
R2 PD91Agent;PD91Agent;c:\program files\Raxco\PerfectDisk2008\PD91Agent.exe [16.1.2008 9:52 664840]
R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [19.6.2006 11:20 1097728]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [9.3.2008 19:57 639224]
S2 gupdate1c97b5b71264586;Google Update Service (gupdate1c97b5b71264586);c:\program files\Google\Update\GoogleUpdate.exe [21.1.2009 0:01 133104]
S3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\drivers\axtmvflt.sys [13.11.2009 15:39 3456]
S3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\drivers\axtmvmdm.sys [13.11.2009 15:39 40064]
S3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\drivers\axtmvprt.sys [13.11.2009 15:39 38784]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [15.1.2010 14:51 13224]
S3 nhcAcpi_driver;Notebook Hardware Control ACPI Driver;\??\c:\windows\system32\drivers\nhcAcpi.sys --> c:\windows\system32\drivers\nhcAcpi.sys [?]
S3 nhcNT_driver;Notebook Hardware Control NT Driver;\??\c:\windows\system32\drivers\nhcNT.sys --> c:\windows\system32\drivers\nhcNT.sys [?]
S3 PD91Engine;PD91Engine;c:\program files\Raxco\PerfectDisk2008\PD91Engine.exe [16.1.2008 9:52 894216]
S3 PinnacleMarvinAVS;Pinnacle AVStream Service for MovieBox Deluxe, 500-USB and 700-USB;c:\windows\system32\drivers\MarvinAVS.sys [13.12.2009 19:31 434176]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [4.11.2009 12:42 95376]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
S3 zlportio;zlportio;\??\d:\program files\UltraStar Deluxe\zlportio.sys --> d:\program files\UltraStar Deluxe\zlportio.sys [?]
.
Obsah adresáře 'Naplánované úlohy'

2010-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-01-20 23:01]

2010-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-01-20 23:01]

2010-01-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437514146-2928971401-383597723-1005Core.job
- c:\documents and settings\Honza\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-02 12:33]

2010-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437514146-2928971401-383597723-1005UA.job
- c:\documents and settings\Honza\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-02 12:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = hxxp://www.icq.com/start
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
FF - ProfilePath - c:\documents and settings\Honza\Application Data\Mozilla\Firefox\Profiles\v1tr0dor.default\
FF - prefs.js: browser.search.selectedEngine - SluneÄŤnice
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - prefs.js: network.proxy.type - 2
FF - component: c:\documents and settings\Honza\Application Data\Mozilla\Firefox\Profiles\v1tr0dor.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - plugin: c:\documents and settings\Honza\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
HKCU-Run-AdobeBridge - (no file)
HKCU-RunOnce-UniblueRegistryBooster - c:\program files\Uniblue\RegistryBooster 2010\launcher.exe
AddRemove-PC Translator - c:\docume~1\Honza\LOCALS~1\Temp\UN32.EXE



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-19 19:53
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-437514146-2928971401-383597723-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EC5D0BF0-93B9-BC7F-F885-CC3BAE430969}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"ablecpejiihebkljadlaaecmijihbbnbaf"=hex:61,61,00,00
"bblecpejiihebkljadebhdkiaheimgijpjko"=hex:61,61,00,00

[HKEY_USERS\S-1-5-21-437514146-2928971401-383597723-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:7d,4c,a0,b4,3d,6f,b5,9a,a1,74,52,78,83,e1,1d,61,bb,37,ee,b0,4c,9f,d7,
32,be,4f,a3,87,e9,03,83,2c,90,5f,bf,c7,49,4e,c3,39,34,4b,a4,82,fb,20,8f,f8,\
"??"=hex:04,b3,c1,38,1b,0d,1b,33,54,28,b5,de,28,6b,f0,68

[HKEY_USERS\S-1-5-21-437514146-2928971401-383597723-1005\Software\SecuROM\License information*]
"datasecu"=hex:66,94,da,34,4b,ab,5a,06,b1,d3,44,e2,49,08,1e,87,45,23,b5,af,53,
7c,7f,dd,bf,6a,07,7f,12,0d,51,08,ad,e9,6f,ea,b6,62,86,53,07,b6,2e,db,d7,84,\
"rkeysecu"=hex:d6,3c,4d,c2,1a,da,6f,a6,ce,dc,51,82,f2,8e,23,99
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(972)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2010-01-19 19:58:36
ComboFix-quarantined-files.txt 2010-01-19 18:58
ComboFix2.txt 2009-06-24 06:15

Před spuštěním: 827 378 176 bytes free
Po spuštění: 3 717 353 472

- - End Of File - - F7D77812FB8696EC53BEA5F7C22F1B0A

Rudy
Site Admin
Posts: 119381
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: computer freezing up

#4 Post by Rudy »

We'll clean up a bit more. Open Notepad and copy the following into it:
Regnull::
[HKEY_USERS\S-1-5-21-437514146-2928971401-383597723-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EC5D0BF0-93B9-BC7F-F885-CC3BAE430969}*]
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


The thread will be locked once your problem is resolved, and likewise if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Jonjo
Visitor
Posts: 20
Registered: 19 Oct 2006 15:51

Re: computer freezing up

#5 Post by Jonjo »

OK, done. After I dragged it onto ComboFix, it displayed the following text:

!! VAROVÁNÍ !! Není bezpečné dále pokračovat.

Obsah a součásti ComboFixu byly narušeny.

Stáhněte si prosím novou kopii z:
http://www.bleepingcomputer.com/combofi ... e-combofix

Poznámka: Můžete být infikováni parazitickým souborovým virem (typicky: Virut).

The situation has not changed at all; the computer still freezes often.

Rudy
Site Admin
Posts: 119381
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: computer freezing up

#6 Post by Rudy »

Try downloading a fresh copy of CF and try it with that.

Jonjo
Visitor
Posts: 20
Registered: 19 Oct 2006 15:51

Re: computer freezing up

#7 Post by Jonjo »

OK, here is the log:

ComboFix 10-01-19.01 - Honza 19.01.2010 22:31:31.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1033.18.1022.642 [GMT 1:00]
Spuštěný z: c:\documents and settings\Honza\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Honza\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((( Soubory vytvořené od 2009-12-19 do 2010-01-19 )))))))))))))))))))))))))))))))
.

2010-01-19 20:01 . 2010-01-19 20:05 -------- d-----w- c:\program files\XP Codec Pack
2010-01-19 18:11 . 2010-01-19 18:10 388608 ----a-w- c:\windows\system32\CF5472.exe
2010-01-19 17:35 . 2005-10-31 17:17 135168 ----a-w- c:\windows\system32\RtlCPAPI.dll
2010-01-19 17:27 . 2005-05-03 17:43 69632 ----a-w- c:\windows\Alcmtr.exe
2010-01-19 14:49 . 2010-01-19 14:49 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-01-19 13:22 . 2010-01-19 13:36 -------- d-----w- c:\documents and settings\Honza\Application Data\Uniblue
2010-01-19 13:22 . 2010-01-19 17:53 -------- d-----w- c:\program files\Uniblue
2010-01-19 12:59 . 2010-01-19 12:59 -------- d-----w- c:\program files\CCleaner
2010-01-15 19:02 . 2001-08-17 21:36 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-01-15 19:02 . 2004-08-03 23:56 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-01-15 17:21 . 2008-03-21 12:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-01-15 13:51 . 2010-01-15 13:50 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2010-01-15 13:51 . 2010-01-15 13:50 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2010-01-15 13:51 . 2010-01-15 13:50 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2010-01-09 15:20 . 2010-01-10 17:35 -------- d-----w- c:\program files\FilmManager
2010-01-02 21:38 . 2010-01-02 21:39 -------- d-----w- c:\documents and settings\Honza\Local Settings\Application Data\Thunderbird
2010-01-02 21:38 . 2010-01-02 21:38 -------- d-----w- c:\documents and settings\Honza\Application Data\Thunderbird
2010-01-02 21:37 . 2010-01-19 20:20 -------- d-----w- c:\program files\Mozilla Thunderbird

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-19 17:27 . 2006-09-01 23:54 -------- d-----w- c:\program files\Realtek
2010-01-19 13:58 . 2008-09-06 09:36 -------- d-----w- c:\program files\Hewlett-Packard
2010-01-19 13:55 . 2009-01-20 23:01 -------- d-----w- c:\program files\Google
2010-01-19 13:45 . 2008-04-10 08:02 -------- d-----w- c:\program files\TweakNow RegCleaner Std
2010-01-19 13:45 . 2008-10-10 12:13 -------- d-----w- c:\program files\FDRLab
2010-01-19 13:44 . 2009-03-04 08:15 -------- d-----w- c:\program files\Rapid PHP 2008
2010-01-19 13:44 . 2009-12-13 18:44 -------- d-----w- c:\documents and settings\Honza\Application Data\proDAD
2010-01-19 13:39 . 2008-05-22 09:59 -------- d-----w- c:\documents and settings\Honza\Application Data\uTorrent
2010-01-19 13:35 . 2009-12-13 18:38 -------- d-----w- c:\program files\Boris FX, Inc
2010-01-19 13:32 . 2008-03-16 12:15 -------- d-----w- c:\program files\Sony Ericsson
2010-01-19 13:00 . 2009-06-23 13:29 -------- d-----w- c:\program files\trend micro
2010-01-17 19:26 . 2009-11-26 02:41 79488 ----a-w- c:\documents and settings\Honza\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-15 17:21 . 2010-01-15 17:21 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ggsemc_01007.Wdf
2010-01-15 17:21 . 2010-01-15 17:21 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-01-14 09:37 . 2008-03-09 18:12 -------- d-----w- c:\program files\ESET
2010-01-13 02:09 . 2008-03-09 18:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-01-12 20:09 . 2009-11-27 21:19 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2010-01-12 20:09 . 2009-11-27 21:19 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2009-12-29 15:18 . 2008-04-18 09:44 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-12-19 11:27 . 2008-04-30 15:12 -------- d-----w- c:\program files\DivX
2009-12-19 11:27 . 2006-09-01 23:54 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-18 14:29 . 2008-03-09 19:31 -------- d-----w- c:\program files\Winamp
2009-12-18 14:29 . 2009-12-18 14:29 -------- d-----w- c:\program files\Winamp Detect
2009-12-18 14:29 . 2009-09-07 19:51 -------- d-----w- c:\program files\Winamp Toolbar
2009-12-14 13:16 . 2009-12-09 18:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Ulead Systems
2009-12-13 18:58 . 2008-03-09 16:43 448600 ----a-w- c:\documents and settings\Honza\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-13 18:44 . 2009-12-13 18:44 -------- d-----w- c:\program files\proDAD
2009-12-13 18:44 . 2009-12-13 18:44 -------- d-----w- c:\program files\LooksBuilderSE
2009-12-13 18:34 . 2009-12-09 16:06 -------- d-----w- c:\program files\Pinnacle
2009-12-13 18:32 . 2009-12-13 18:32 29926 ----a-r- c:\documents and settings\Honza\Application Data\Microsoft\Installer\{5EB90C06-964F-4195-B83E-BD7E55C88415}\ARPPRODUCTICON.exe
2009-12-13 18:29 . 2009-12-13 18:29 -------- d-----w- c:\program files\Common Files\Pinnacle
2009-12-13 18:27 . 2009-12-13 18:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Pinnacle Studio Ultimate
2009-12-13 18:09 . 2009-12-13 18:09 -------- d-----w- c:\program files\Common Files\Yahoo!
2009-12-13 18:09 . 2009-12-13 18:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Studio 12
2009-12-13 18:09 . 2009-12-13 18:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Pinnacle Studio Plus
2009-12-10 17:24 . 2009-12-10 17:22 -------- d-----w- c:\program files\FileZilla
2009-12-10 06:52 . 2009-11-12 06:23 -------- d-----w- c:\documents and settings\Honza\Application Data\FileZilla
2009-12-09 18:34 . 2009-12-09 18:21 -------- d-----w- c:\documents and settings\Honza\Application Data\Ulead Systems
2009-12-09 18:18 . 2009-12-09 18:18 -------- d-----w- c:\program files\Common Files\InterVideo
2009-12-09 18:16 . 2009-12-09 18:16 -------- d-----w- c:\program files\Windows Media Components
2009-12-09 17:03 . 2009-12-09 16:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Pinnacle Studio
2009-12-09 17:03 . 2009-12-09 16:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Pinnacle
2009-11-29 21:47 . 2009-11-29 21:35 -------- d-----w- c:\documents and settings\Honza\Application Data\LangSoft
2009-11-29 21:42 . 2009-11-29 21:41 520192 ----a-w- c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
2009-11-29 21:42 . 2009-11-29 21:38 -------- d-----w- c:\documents and settings\All Users\Application Data\LangSoft
2009-11-29 21:42 . 2009-11-29 21:41 299008 ----a-w- c:\documents and settings\All Users\Application Data\LangSoft\TrnWord.dll
2009-11-29 21:42 . 2009-11-29 21:41 356352 ----a-w- c:\documents and settings\All Users\Application Data\LangSoft\TrnOutl.dll
2009-11-29 21:42 . 2009-11-29 21:42 45056 ----a-w- c:\documents and settings\All Users\Application Data\LangSoft\TRNOEH.DLL
2009-11-29 21:42 . 2009-11-29 21:42 26624 ----a-w- c:\documents and settings\All Users\Application Data\LangSoft\OETRN.EXE
2009-11-29 21:42 . 2009-11-29 21:42 200704 ----a-w- c:\documents and settings\All Users\Application Data\LangSoft\TRNOET.DLL
2009-11-29 08:22 . 2009-11-27 21:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Corel
2009-11-29 08:22 . 2009-11-29 08:22 -------- d-----w- c:\program files\Common Files\Protexis
2009-11-29 08:16 . 2009-11-29 08:16 -------- d-----w- c:\program files\Common Files\Corel
2009-11-29 08:07 . 2008-03-09 19:42 -------- d-----w- c:\program files\Corel
2009-11-27 21:19 . 2008-03-18 12:26 -------- d-----w- c:\documents and settings\Honza\Application Data\Corel
2009-11-27 21:19 . 2009-11-27 21:19 8 --sh--r- c:\documents and settings\All Users\Application Data\E9A24AA988.sys
2009-11-27 21:19 . 2009-11-27 21:19 8 --sh--r- c:\documents and settings\All Users\Application Data\E9A24AA988.sys
2009-11-24 16:06 . 2008-03-18 12:26 952 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-11-22 08:28 . 2009-11-22 08:26 -------- d-----w- c:\program files\Yaho's Miranda IM
2009-11-21 16:36 . 2004-08-10 18:00 470528 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-10-29 13:48 . 2009-11-04 11:42 95376 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2009-10-29 13:48 . 2009-11-04 11:41 41424 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2009-10-29 13:48 . 2009-11-04 11:42 116368 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2009-10-29 07:45 . 2006-01-09 18:02 916480 ------w- c:\windows\system32\wininet.dll
2009-10-24 13:37 . 2009-10-18 13:18 80896 ----a-w- c:\documents and settings\Honza\Application Data\Seven Zip\Codecs\LZMA.dll
2009-10-24 13:37 . 2009-10-18 13:18 5632 ----a-w- c:\documents and settings\Honza\Application Data\Seven Zip\Codecs\Swap.dll
2009-10-24 13:37 . 2009-10-18 13:18 5120 ----a-w- c:\documents and settings\Honza\Application Data\Seven Zip\Codecs\Copy.dll
2009-10-24 13:37 . 2009-10-18 13:18 18944 ----a-w- c:\documents and settings\Honza\Application Data\Seven Zip\Codecs\Branch.dll
2009-10-24 13:37 . 2009-10-18 13:18 129024 ----a-w- c:\documents and settings\Honza\Application Data\Seven Zip\Formats\7z.dll
2002-07-26 16:02 . 2009-12-13 18:31 153088 ----a-w- c:\program files\UNWISE.EXE
.

((((((((((((((((((((((((((((( SnapShot@2010-01-19_18.53.06 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-19 21:20 . 2010-01-19 21:20 16384 c:\windows\Temp\Perflib_Perfdata_3e0.dat
+ 2006-11-02 15:10 . 2006-11-02 15:10 80912 c:\windows\system32\sherlock2.exe
+ 2004-08-10 05:52 . 2004-08-10 05:52 49221 c:\windows\system32\rv40.dll
+ 2004-08-10 05:52 . 2004-08-10 05:52 49221 c:\windows\system32\rv30.dll
+ 2004-08-10 05:51 . 2004-08-10 05:51 57411 c:\windows\system32\rv20.dll
+ 2004-08-10 05:50 . 2004-08-10 05:50 49216 c:\windows\system32\rv10.dll
+ 2008-12-17 16:22 . 2008-12-17 16:22 93184 c:\windows\system32\ff_wmv9.dll
+ 2008-12-17 16:22 . 2008-12-17 16:22 57344 c:\windows\system32\ff_vfw.dll
+ 2004-08-10 05:50 . 2004-08-10 05:50 65602 c:\windows\system32\cook.dll
+ 2004-08-10 05:50 . 2004-08-10 05:50 77889 c:\windows\system32\atrc.dll
+ 2004-08-10 05:50 . 2004-08-10 05:50 106561 c:\windows\system32\sipr.dll
+ 2003-11-25 22:32 . 2003-11-25 22:32 123392 c:\windows\system32\pncrt.dll
+ 2004-04-20 21:00 . 2004-04-20 21:00 172032 c:\windows\system32\OptimFROG.dll
+ 2008-12-17 15:59 . 2008-12-17 15:59 560802 c:\windows\system32\libmplayer.dll
+ 2004-08-10 05:52 . 2004-08-10 05:52 241723 c:\windows\system32\hxltcolor.dll
+ 2008-12-17 16:41 . 2008-12-17 16:41 884237 c:\windows\system32\ff_x264.dll
+ 2008-12-17 16:17 . 2008-12-17 16:17 239247 c:\windows\system32\ff_theora.dll
+ 2004-10-03 16:50 . 2004-10-03 16:50 129024 c:\windows\system32\ff_mpeg2enc.dll
+ 2004-11-24 18:25 . 2004-11-24 18:25 335872 c:\windows\system32\drvc.dll
+ 2004-08-10 05:51 . 2004-08-10 05:51 176195 c:\windows\system32\drv2.dll
+ 2004-08-10 05:50 . 2004-08-10 05:50 102464 c:\windows\system32\drv1.dll
+ 2009-06-24 13:39 . 2009-06-24 13:39 1003520 c:\windows\system32\VSFilter.dll
+ 2008-12-19 14:15 . 2008-12-19 14:15 4338246 c:\windows\system32\libavcodec.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024]
"OEXPRESS"="c:\documents and settings\All Users\Application Data\LangSoft\OETRN.EXE" [2009-11-29 26624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"ADMTray.exe"="c:\acer\Empowering Technology\admtray.exe" [2005-10-24 2462208]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 69632]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-19 7581696]
"nwiz"="nwiz.exe" [2006-07-20 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-19 86016]
"Acer ePower Management"="c:\acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-05-22 3080704]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-07-20 593920]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 397312]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2006-06-23 225280]
"LogitechCameraAssistant"="c:\program files\Acer\OrbiCam\CameraAssistant.exe" [2006-06-26 331776]
"LogitechVideo[inspector]"="c:\program files\Acer\OrbiCam\InstallHelper.exe" [2006-06-26 13:55 73728]
"LogitechCameraService(E)"="c:\windows\system32\ElkCtrl.exe" [2004-11-01 262144]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-23 487424]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"KMCONFIG"="c:\program files\Mouse Driver\StartAutorun.exe" [2008-05-29 212992]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"USB2Check"="c:\windows\system32\PCLECoInst.dll" [2007-02-20 81920]
"USBToolTip"="c:\program files\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe" [2006-10-16 202312]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-08-10 352256]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 16248320]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *\0lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\QIP Infium\\infium.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
"d:\\Counter-Strike Source\\hl2.exe"=
"c:\\WINDOWS\\System32\\PnkBstrA.exe"=
"c:\\WINDOWS\\System32\\PnkBstrB.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"d:\\Program Files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\System32\\dpvsetup.exe"=
"d:\\Program Files\\Electronic Arts\\Red Alert 3\\Data\\ra3_1.0.game"=
"c:\\Program Files\\QIP Infium\\inf.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\IndustryGiant 2\\ig2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"d:\\Program Files\\KONAMI\\Pro Evolution Soccer 2010\\pes2010.exe"=
"c:\\Program Files\\Yaho's Miranda IM\\miranda32.exe"=
"d:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"d:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"d:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Program Files\\FileZilla\\FileZilla.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [6.2.2009 13:23 106208]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [6.2.2009 13:24 93336]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [6.2.2009 13:23 727720]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Mouse Driver\KMWDSrv.exe [23.6.2008 20:28 208896]
R2 PD91Agent;PD91Agent;c:\program files\Raxco\PerfectDisk2008\PD91Agent.exe [16.1.2008 9:52 664840]
R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [19.6.2006 11:20 1097728]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [9.3.2008 19:57 639224]
S2 gupdate1c97b5b71264586;Google Update Service (gupdate1c97b5b71264586);c:\program files\Google\Update\GoogleUpdate.exe [21.1.2009 0:01 133104]
S3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\drivers\axtmvflt.sys [13.11.2009 15:39 3456]
S3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\drivers\axtmvmdm.sys [13.11.2009 15:39 40064]
S3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\drivers\axtmvprt.sys [13.11.2009 15:39 38784]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [15.1.2010 14:51 13224]
S3 nhcAcpi_driver;Notebook Hardware Control ACPI Driver;\??\c:\windows\system32\drivers\nhcAcpi.sys --> c:\windows\system32\drivers\nhcAcpi.sys [?]
S3 nhcNT_driver;Notebook Hardware Control NT Driver;\??\c:\windows\system32\drivers\nhcNT.sys --> c:\windows\system32\drivers\nhcNT.sys [?]
S3 PD91Engine;PD91Engine;c:\program files\Raxco\PerfectDisk2008\PD91Engine.exe [16.1.2008 9:52 894216]
S3 PinnacleMarvinAVS;Pinnacle AVStream Service for MovieBox Deluxe, 500-USB and 700-USB;c:\windows\system32\drivers\MarvinAVS.sys [13.12.2009 19:31 434176]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [4.11.2009 12:42 95376]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
S3 zlportio;zlportio;\??\d:\program files\UltraStar Deluxe\zlportio.sys --> d:\program files\UltraStar Deluxe\zlportio.sys [?]
.
Obsah adresáře 'Naplánované úlohy'

2010-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-01-20 23:01]

2010-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-01-20 23:01]

2010-01-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437514146-2928971401-383597723-1005Core.job
- c:\documents and settings\Honza\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-02 12:33]

2010-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437514146-2928971401-383597723-1005UA.job
- c:\documents and settings\Honza\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-02 12:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = hxxp://www.icq.com/start
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
FF - ProfilePath - c:\documents and settings\Honza\Application Data\Mozilla\Firefox\Profiles\v1tr0dor.default\
FF - prefs.js: browser.search.selectedEngine - Slunečnice
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - prefs.js: network.proxy.type - 2
FF - component: c:\documents and settings\Honza\Application Data\Mozilla\Firefox\Profiles\v1tr0dor.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - plugin: c:\documents and settings\Honza\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-19 22:54
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-437514146-2928971401-383597723-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:7d,4c,a0,b4,3d,6f,b5,9a,a1,74,52,78,83,e1,1d,61,bb,37,ee,b0,4c,9f,d7,
32,be,4f,a3,87,e9,03,83,2c,90,5f,bf,c7,49,4e,c3,39,34,4b,a4,82,fb,20,8f,f8,\
"??"=hex:04,b3,c1,38,1b,0d,1b,33,54,28,b5,de,28,6b,f0,68

[HKEY_USERS\S-1-5-21-437514146-2928971401-383597723-1005\Software\SecuROM\License information*]
"datasecu"=hex:66,94,da,34,4b,ab,5a,06,b1,d3,44,e2,49,08,1e,87,45,23,b5,af,53,
7c,7f,dd,bf,6a,07,7f,12,0d,51,08,ad,e9,6f,ea,b6,62,86,53,07,b6,2e,db,d7,84,\
"rkeysecu"=hex:d6,3c,4d,c2,1a,da,6f,a6,ce,dc,51,82,f2,8e,23,99
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(972)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2010-01-19 23:04:33
ComboFix-quarantined-files.txt 2010-01-19 22:04
ComboFix2.txt 2010-01-19 18:58
ComboFix3.txt 2009-06-24 06:15

Před spuštěním: 3 705 579 008 bytes free
Po spuštění: 3 658 279 936

- - End Of File - - 554C42B1D305967B52711E25F160488D

Rudy
Site Admin
Posts: 119381
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: stuttering computer

#8 Post by Rudy »

The log now looks clean.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
